docker可以在Linux容器内运行吗?
[英]Can docker run inside a Linux Container?
问题描述
Koding is a collaborative programming environment, which creates a virtual machine for multiple user to colaborate on software development. 
Koding是一个协作编程环境,它为多个用户创建一个虚拟机来协作进行软件开发。 They use Linux Containers to virtualize the machines. 他们使用Linux Containers来虚拟化机器。 I'm not being able to install docker on it: 我无法在其上安装docker:
tiagoboldt@vm-2:~$ sudo docker build -t mongo .
[sudo] password for tiagoboldt:
Uploading context 645.1 kB
Uploading context
Step 0 : FROM ubuntu:latest
Pulling repository ubuntu
9cd978db300e: Error pulling image (latest) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Driver aufs failed to get image rootfs 6170bb7b0ad1003a827e4dc5253ba49f6719599eac485db51eaafd507c13c311:
9cd978db300e: Error pulling image (latest) from ubuntu, Driver aufs failed to get image rootfs 6170bb7b0ad1003a827e4dc5253ba49f6719599eac485db51eaafd507c13c311: permission denied
6170bb7b0ad1: Error downloading dependent layers
2014/02/28 03:32:55 build: pull: Could not find repository on any of the indexed registries.
Can anyone suggest a workaround for installing docker? 任何人都可以建议安装docker的解决方法吗?
5 个解决方案
解决方案1
18 2014-09-17 08:25:57
Yes, docker can run in a linux container. 是的,docker可以在linux容器中运行。
But docker will only run with the lxc execution driver and in a unconfined lxc. 但是docker只能在lxc执行驱动程序和无限制的 lxc中运行。
So, here's how to get docker in LXC: 那么,这里是如何在LXC中获得docker:
Ensure you have
lxc.aa_profile = lxc-container-default-with-nesting(if it doesn't work or you don't have this profile, trylxc.aa_profile = unconfined) in theconfigfile of your LXC to ensure it will not be blocked byapparmor.确保您的LXC的config文件中有lxc.aa_profile = lxc-container-default-with-nesting(如果它不起作用或您没有此配置文件,请尝试lxc.aa_profile = unconfined)以确保它将不被apparmor阻止。 For more information, visit (or modify) files in/etc/apparmor.d/lxc.有关更多信息,请访问(或修改) /etc/apparmor.d/lxc文件。You need to install lxc in your container.
您需要在容器中安装lxc。 If you are under ubuntu for instance, run in the container apt-get install lxc.例如,如果您在ubuntu下,请在容器apt-get install lxc。Ensure that docker daemon is called with the
--exec-driver=lxcparameter.确保使用--exec-driver=lxc参数调用docker守护--exec-driver=lxc。 You can test it before by issuing manualydocker -d --exec-driver=lxc.您可以通过发出manualy docker -d --exec-driver=lxc来测试它。 In ubuntu, to have the argument being used at startup, simply edit/etc/default/dockerand ensure that you have the line:在ubuntu中,要在启动时使用参数,只需编辑/etc/default/docker并确保您拥有该行:
DOCKER_OPTS="--exec-driver=lxc"
Follow this thread for updates: https://github.com/docker/docker/issues/6783 请按照此主题进行更新: https : //github.com/docker/docker/issues/6783
If you need to troubleshoot: 如果您需要排除故障:
- keep an eye on
apparmorlogs in the kern logs of the host.密切关注主机kern日志中的apparmor日志。 - launch
docker -d ...manualy to get outputs.启动docker -d ...manualy获取输出。
Note: You might not have hand on the host to modify the LXC apparmor script on Koding by judging others answers, anyway, this howto remains of interest if you are the LXC provider, and it answers the more general question you've asked in your question's title and that might attract people in more general scenarios (as I was). 注意:您可能无法通过判断其他人的答案来主持修改Koding上的LXC apparmor脚本,无论如何,如果您是LXC提供商,这个如何仍然感兴趣,它会回答您在您的问题中提出的更一般的问题。问题的标题,这可能会在更一般的场景中吸引人们(就像我一样)。
解决方案2
6 已采纳 2014-03-01 01:52:12
Yes, it is possible. 对的,这是可能的。 However, you can't have an aufs partition nested within aufs. 但是,您不能将aufs分区嵌套在aufs中。 You need to mount an other system or use a different storage backend. 您需要安装其他系统或使用其他存储后端。
You can take a look at the docker's makefile and hack/dind . 你可以看一下hack/dind的makefile和hack/dind 。 You need the privileged mode in order to do so. 您需要特权模式才能这样做。
The easiest way to try is to do make shell and once in the container, you can start a new docker daemon :) 最简单的尝试方法是make shell和一次在容器中,你可以启动一个新的docker守护进程:)
EDIT: I tried Koding and it indeed not possible. 编辑:我试过Koding,但确实不可能。 You are not privileged within their container so you can't start a new docker. 您在其容器中没有特权,因此您无法启动新的docker。
解决方案3
5 2014-08-07 09:26:30
And here is a full guide for anyone else in the same boat. 这是同一艘船上其他人的完整指南。
Start a terminal and start typing.. 启动终端并开始输入..
docker run -i -t --privileged -v /var/lib/docker ubuntu bash
apt-get update && apt-get install -y docker.io
service docker.io start
ln -s /usr/bin/docker.io /usr/local/bin/docker
docker run -i -t ubuntu bash
Now you should be inside a container inside an other container. 现在你应该在另一个容器内的容器内。
Remarks: 备注:
- The flag
--privilegedis needed on the outer container to accomplish that.外部容器上需要标志--privileged才能实现这一点。 - You MUST use
-v /var/lib/dockerto avoid the limitation mentioned by creack.你必须使用-v /var/lib/dockerdocker来避免creack提到的限制。 -
ln -s /usr/bin/docker.io /usr/local/bin/dockeris just creating a symbolic link so that we can typedockerinstead ofdocker.ioln -s /usr/bin/docker.io /usr/local/bin/docker是刚创建符号链接,这样我们就可以键入docker,而不是docker.io
解决方案4
2 2015-03-16 21:19:51
You can do this inside of Terminal.com. 您可以在Terminal.com内执行此操作。
Just start a terminal and then run this: https://blog.terminal.com/docker-without-containers-pulldocker/ . 只需启动一个终端然后运行它: https : //blog.terminal.com/docker-without-containers-pulldocker/ 。
Note: I work for Terminal.com. 注意:我在Terminal.com工作。 We use a non-LXC, non-libcontainer implementation of container technology (which doesn't have the limitations of AUFS, for example). 我们使用容器技术的非LXC,非libcontainer实现(例如,它没有AUFS的限制)。 We're trying to make containers that perform like full Linux machines, and I think we're there. 我们正在尝试制作像完整Linux机器一样的容器,我想我们就在那里。 Try it out. 试试看。
解决方案5
1 2014-03-01 03:49:13
Yes. 是。 See this blog post: http://blog.docker.io/tag/inception/ 请参阅此博客文章: http : //blog.docker.io/tag/inception/
You have to start your container in privileged mode. 您必须以特权模式启动容器。
docker run -privileged -t -i jpetazzo/dind
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.